Ransomware Now Considered a “Crisis” in the Financial Services Sector

Sep 28, 2023 4:20:16 PM By Stu Sjouwerman

A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.

It’s Official – Generative AI Has Made Phishing Emails Foolproof

Sep 28, 2023 4:20:04 PM By Stu Sjouwerman

The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

Sep 28, 2023 4:19:51 PM By Stu Sjouwerman

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

Sep 28, 2023 4:19:36 PM By Stu Sjouwerman

Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

Sep 28, 2023 4:19:23 PM By Stu Sjouwerman

Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.

How Zero-Point Fonts in Phishing Emails Make Them Look Safe

Sep 28, 2023 12:56:43 PM By Stu Sjouwerman

Attackers are using zero-point fonts to make phishing emails appear as though they’ve been verified by security scanners, BleepingComputer reports.

New Threat Actor Impersonates the Red Cross to Deliver Malware

Sep 28, 2023 9:17:22 AM By Stu Sjouwerman

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Sep 28, 2023 8:15:00 AM By Stu Sjouwerman

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Sep 27, 2023 8:47:40 AM By Stu Sjouwerman

You're no stranger to the complexities of safeguarding your organization's digital assets. But have you considered the human element in your security equation? Behavioral economics, ...

Practical Insights To Improve Security Awareness in Higher Education

Sep 26, 2023 9:40:31 AM By Martin Kraemer

I am a strong believer that understanding cybersecurity as part of an organization-wide process is of the utmost importance.

Deepfakes: The Threat to Reality and How To Defend Against It

Sep 26, 2023 9:40:12 AM By Javvad Malik

Deepfakes have emerged as a serious concern in the digital landscape, presenting a significant threat to truth and trust.

New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

Sep 25, 2023 9:54:21 AM By Stu Sjouwerman

The hospitality sector is seeing a new wave of phishing attacks. These new attacks are more plausible because they begin with compromised credentials and move to fraudulent emails sent ...

[NEW RELEASE]: Unleash the Power of Cybersecurity Education with KnowBe4’s 'Hack-A-Cat' on Roblox

Sep 25, 2023 8:30:00 AM By Stu Sjouwerman

What do cheese, fish and cybersecurity training have in common? Each of these comes together to help keep kids informed about cyber threats and cybersecurity best practices with KnowBe4’s ...

Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Sep 25, 2023 8:15:00 AM By Stu Sjouwerman

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

Sep 25, 2023 8:00:00 AM By Stu Sjouwerman

ZeroFox warns that phishing-as-a-service (PhaaS) offerings are increasingly including features to bypass multi-factor authentication.

Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox

Sep 21, 2023 11:57:30 AM By Stu Sjouwerman

Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection.

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

Sep 20, 2023 9:07:37 AM By Stu Sjouwerman

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small ...

Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks

Sep 20, 2023 8:10:03 AM By Stu Sjouwerman

The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be ...

Romance Scams That Run Your Crypto Wallet Dry

Sep 19, 2023 9:31:19 AM By Stu Sjouwerman

Scammers are using dating sites to lure victims into phony cryptocurrency investment schemes, according to Sean Gallagher at Sophos.

Security Awareness Training Blog